I was interested in hosting my own mail server that provides a similar level of privacy for users as Protonmail, i.e. the server admin cannot read any emails, even those which are not E2EE with PGP. Is there a self-hostable solution to this?
I’m aware the server admin can’t read emails that were sent encrypted using the user’s PGP key, but most emails I get are automated emails from companies/services/etc without the option to upload a public key to send the user encrypted email. If you’re with a service like Protonmail, the server admin still cannot read even these emails.
I’m curious - do you use email aliases to help reduce spam or block specific senders more easily? I’ve found that aliases can make a big difference in managing privacy and limiting unwanted messages. Startmail, for example, offers aliases as a convenient option without the need for self-hosting.
I do, and I agree about their utility. My users and aliases are in OpenLDAP but it’s pretty easy to add new ones.
Separate accounts are preferable if you’re actually going to be responding to messages. I’ve had some embarrassing encounters where I’ve given an alias to a business that I didn’t realize was going to actually use it for real email conversations with a human. By default, Roundcube web mail lets you hit reply anyway and the reply goes out with your real address, which can lead to confusion.